Take action now before Wi-Fi, 5G and AIoT advancements outpace your defense team’s abilities to remediate concurrent assaults on operational technology

Citing early implementation of AI security measures as the best practice for AIoT security, the firm has contributed a series of factors to consider:

  • Zero-click attacks in IoT environments are some of the most insidious cybersecurity threats and are often underappreciated. Such attacks exploit hidden or newly found (zero-day) vulnerabilities in IoT devices, all without any user involvement. This makes them extremely dangerous, as the attacks can go unnoticed until significant damage is done. IoT devices are particularly susceptible to these attacks because of their limited computational power, potentially outdated firmware and often weak security protocols. In many cases, IoT devices are deployed in large numbers with little oversight, creating a vast attack surface for cybercriminals. Organizations should not underestimate the sheer scale of the IoT threat landscape. General best practices are continuous monitoring, regular patching and network segmentation.
  • Another often overlooked aspect is collaboration with device manufacturers to ensure “secure by design” principles are applied from the outset, as many IoT devices lack robust security out of the box. Understanding the sophistication of zero-click attacks and integrating IoT specific countermeasures is essential for any comprehensive cybersecurity strategy.
  • Another security vector is 5G’s network slicing feature, which allows different virtual networks to run on the same physical infrastructure. While this improves efficiency, if slicing is not properly secured a breach in one slice can provide access to other slices, including IoT assets. The best practice in this case would be to use “slice isolation” to prevent unauthorized access and data breaches, in addition to strong authentication and encryption, using the principles of Zero Tolerance.
  • The mainstreaming of Wi-Fi 6 (802.11ax) and soon Wi-Fi 7 (802.11be) harbors security concerns that remain underrated. Wi-Fi 6’s focus on efficiency carries new vulnerabilities: its improved ability to handle multiple devices on the same network could lead to Denial of Service attacks. Also, Wi-Fi 6 increases traffic complexity due to the establishment of mesh networks, which can become a weak point if an attacker compromises a single device and uses it to propagate malicious traffic to other meshed assets, infecting the complete IoT ecosystem. The best practice is to secure device onboarding and to monitor traffic both at the device level and between IoT devices. This serves to quickly detect lateral movement (propagation attacks) or other anomalies.
  • The supply chain of IoT devices is often vast and non-transparent, with components sourced globally. This creates a unique risk: the integrity of these devices could have been compromised long before they reach the consumer or enterprise. Hardware Trojans, counterfeit components or backdoors introduced during manufacturing can create vulnerabilities that are nearly impossible to detect once the devices are deployed. Such hardware-level attacks are difficult to detect, and cybercriminals can introduce malicious code or backdoors at the chip level, making the trojan code undetectable by conventional software-based security solutions. Another related supply chain danger is dependency on untrusted suppliers. Many IoT devices, especially low-cost consumer devices, use components from suppliers with poor security practices. This creates a hidden risk for organizations relying on these devices at scale. The general advice here is to demand supply chain transparency. Organizations should only work with IoT manufacturers that offer supply chain transparency and ensure that components are sourced from trusted, secure suppliers, via the various secure supply chain ecosystem regulations such as CRA and NIS2.
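The device-to-device monitoring recommended above for meshed Wi-Fi 6 networks can be sketched as a detection rule over flow records. This is an added example, not code from the article or the firm it cites; the segment CIDR, the flow tuple layout, the onboarding baseline, the threshold and the window are all assumptions, and the sample flows are constructed.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Assumed values (not from the article): tune per deployment.
IOT_SEGMENT = ip_network("10.20.0.0/24")  # hypothetical IoT VLAN
FANOUT_THRESHOLD = 3    # distinct off-baseline IoT peers within one window
WINDOW_SECONDS = 60

def is_iot(addr):
    return ip_address(addr) in IOT_SEGMENT

def detect_lateral_movement(flows, baseline):
    """flows: iterable of (ts, src, dst, dport), sorted by ts (seconds).
    baseline: set of (src, dst, dport) device-to-device flows recorded
    at onboarding. Returns [(ts, src, sorted_peers)], one alert per source."""
    recent = defaultdict(list)  # src -> [(ts, dst)] off-baseline contacts
    alerted, alerts = set(), []
    for ts, src, dst, dport in flows:
        if not (is_iot(src) and is_iot(dst)):
            continue  # only east-west traffic between IoT devices
        if (src, dst, dport) in baseline:
            continue  # expected device-to-device flow
        # Keep only contacts still inside the sliding window.
        window = [(t, d) for t, d in recent[src] if ts - t < WINDOW_SECONDS]
        window.append((ts, dst))
        recent[src] = window
        peers = {d for _, d in window}
        if len(peers) >= FANOUT_THRESHOLD and src not in alerted:
            alerted.add(src)
            alerts.append((ts, src, sorted(peers)))
    return alerts

# Constructed sample data for illustration only.
BASELINE = {("10.20.0.11", "10.20.0.5", 1883)}  # sensor -> MQTT broker
SAMPLE_FLOWS = [
    (0, "10.20.0.11", "10.20.0.5", 1883),    # baseline telemetry
    (5, "10.20.0.12", "203.0.113.9", 443),   # north-south, out of scope here
    (10, "10.20.0.14", "10.20.0.11", 23),    # one device fanning out to peers
    (12, "10.20.0.14", "10.20.0.12", 23),
    (15, "10.20.0.14", "10.20.0.13", 23),
    (200, "10.20.0.12", "10.20.0.13", 80),   # single new peer: below threshold
]

if __name__ == "__main__":
    for ts, src, peers in detect_lateral_movement(SAMPLE_FLOWS, BASELINE):
        print(f"t={ts}s {src} contacted {len(peers)} new IoT peers: {peers}")
```

A rule like this depends on the secure onboarding step the same bullet recommends, since the baseline is only trustworthy if it was recorded while the device was in a known-good state.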